JP2003203056A - User client server system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To solve the problems in a conventional art which requires a user to possess a number of user devices such as an IC card that the handling of the devices is inconvenient, and the risk in theft or loss is high because impor tant data are contained in each of them. <P>SOLUTION: A user system is divided to a user client device and a user server device. According to this, important data can be put in the user server device possessed or set in a more safe place. <P>COPYRIGHT: (C)2003,JPO

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a technique for safely and effectively using an IC card or a mobile terminal.

[0002]

2. Description of the Related Art Conventionally, contact type IC cards and magnetic cards are used by taking them out of a case such as a pass case and inserting them into a service system. In addition, the non-contact type IC card can be used by removing it from its container or by bringing it close to the service system without removing it.

In any case, those cards must be carried by the user himself and carried to the place of use. In addition, a system in which functions equivalent to those cards are replaced by mobile terminals has also appeared.

[0004]

Since the conventional IC card carries the actual item to the place where the user uses it, it may be dropped or stolen during transportation. When taking out the IC card from the container, it is possible that another person may witness the existence of the IC card and where it was put away after use.

Contact type for complete insertion into service system
There are times when the IC card is completely out of the user's hands or the user cannot track it with their own eyes. An IC card that needs to be taken out of the container is likely to be dropped because it is placed in a pocket or bag that users can relatively easily take out.

In the future, more important data such as private key of public key cryptosystem and privacy data will be stored in the IC card, and a plurality of applications will be put in one IC card. As expected, the damage will be great if dropped or stolen.

The problem of this damage is the same even in a mobile terminal that replaces an IC card. The present invention solves these problems and aims to use IC cards and mobile terminals safely and effectively.

[0008]

In order to solve the above problems, the present invention divides the functions of an IC card or a mobile terminal into a user client device and a user server device.

Usually, the user client device sends and receives data to and from the service system, and the data is sent and received to and from the user server device. The user server device stores and executes the application.

The C / S (Client / Server) communication means between the user client device and the user server device is mainly a wireless connection. Communication between the user client device and the user server device may be performed via the user proxy server.

According to a first aspect of the present invention, in a system in which a service system and a user system communicate with each other to provide a service, the user system includes a user client device and a user server device, and the user client device and the user client device. Each of the user server devices is provided with a C / S communication means capable of communicating with each other, and at least either the user client device or the user server device is provided with an inter-system communication means with a service system. The user system.

According to a second aspect of the present invention, in the user system according to the first aspect, when a service is used, the user client device and the user server device communicate with each other to execute a user process. How to execute.

According to a third aspect of the present invention, in the user system of the first aspect, necessary data is downloaded from the user server device to the user client device in advance, and when the service is used, the user client device communicates with the service system. A user process execution method, wherein a user process is executed using the data.

According to a fourth aspect of the present invention, in the user system according to the first aspect, the user client device is a portable information device, and the inter-system communication means for communicating data with the service system and the user server device. And a C / S communication means for communicating data between them, and a user client device.

A fifth aspect of the present invention is the user client device according to the fourth aspect, wherein when data is downloaded from the user server device to the user client device in advance, a use restriction is set for the data. A client device.

According to a sixth aspect of the invention, in the user system according to the first aspect, there is provided a C / S communication means for communicating data with a user client device, and a computer for processing the data. User server device.

According to a seventh aspect of the present invention, in the user system according to the first aspect, input / output for inputting / outputting data between the C / S communication means for communicating data with the user client device and the user device. Means, and a user server device.

According to an eighth aspect of the present invention, in the user system according to the first aspect, the C / S communication means for communicating data with the user client device and the input / output for inputting / outputting data with the user device. A user server device comprising: means and a selection means for selecting a user device that inputs and outputs data from a plurality of user devices.

The invention of claim 9 is from claim 6 to claim 8.
The user server device according to claim 1, further comprising intersystem communication means for communicating data with the service system.

The invention according to claim 10 is the user server device according to any one of claims 6 to 9, wherein the user server device is a file server.

According to an eleventh aspect of the present invention, in the user system of the first aspect, between the C / S communication means for communicating data with the user client device and between the C / S means for communicating the data with the user server device. A user proxy server device comprising: a communication unit.

According to a twelfth aspect of the present invention, there is provided an input / output unit for inputting / outputting data to / from the connected IC card, and an input / output unit for inputting / outputting the data to / from another device. It is a characteristic IC card adapter.

According to a thirteenth aspect of the present invention, there is provided a service device characterized by comprising an access point of a communication network in a system in which a service system and a user system communicate with each other to provide a service.

The invention according to claim 14 is the user system according to claim 1, wherein the user client device is a mobile phone and the user server device is provided with a settlement means.

[0025]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described in detail with reference to the drawings.

FIG. 1 is a conventional system configuration diagram. This configuration diagram shows an example of using the service system 150 that provides some service with an IC card or a mobile terminal owned by the user.

In the present invention, a system for providing a service is called a service system, and a system for receiving a service is called a user system.

Normally, the service system 150 comprises a service device 153, a communication network 152, and a host computer 151 that the user directly accesses, but it may be a service device alone.

The user system 100 is a single user device 101 such as an IC card or a mobile terminal.

For example, when the user system 100 is an IC card, the user carries the IC card, inserts the card into the IC card reader of the service device 153, and touches the touch panel or buttons while watching the screen of the service device 153. Enter your password to receive the service. ATM (Automated
Teller Machine: An automated teller machine (Teller Machine).

IC that needs to be inserted into an IC card reader
Although the card is a contact type, it is a non-contact type IC card in the form of passing over a ticket gate like a commuter pass.

In the present invention, a device used by a user to receive a service is called a user device. Magnetic cards and IC cards are often used as conventional user devices, and mobile terminals are expected to be used more and more in the future.

The user device may record information such as authentication information, expiration date, electronic money, personal information and the like, or information such as a new transaction record, depending on its storage capacity and function. , Is important.

The present invention intends to ensure safe and effective use by dividing the user device in which the important information possessed by the user is recorded into a plurality of devices.

FIG. 2 is a conceptual diagram of use of the present invention. FIG. 2 shows an example in which the functions of the conventional user device are realized by a plurality of devices, with some connection patterns.

Here, the user system 200 includes a user client device 220 and user server devices 230a and 230b.
And a user proxy server device 240 that mediates communication between the user client device 220 and the user server devices 230a and 230b in the configuration of the user system 200 as required. Note that one or more user devices 201a and 201b may be connected to the user server devices 230a and 230b.

Normally, the user server devices 230a and 230b are either held by the user 210 without touching the skin, or placed in a safer place 211 for holding important data and performing important processing. It is taken out by hand and used for insertion or proximity to a service device, or as a man-machine interface with the user 210 for displaying or operating information.

In FIG. 2, the user client device 220 is illustrated as performing intersystem communication with the service system 250. However, if the service system 250 is compatible, the user server devices 230a and 230b communicate with the service system 250 and intersystem communication. You may Further, both the user client device 220 and the user server devices 230a and 230b may have inter-system communication means.

However, except when the service provided by the service system 250 requires only data transmission / reception such as content provision and acceptance of order data, when the user is accompanied by something such as cash deposit / withdrawal, the user is Would require insertion or access of the user equipment to the service equipment;
Since it may be installed in a safe place 211 away from the user 210 such as the user server device 230b, the user client device 220 usually has inter-system communication means.

Of course, the service system in which the user may accept the service request without facing the service device
In the case of 250, the inter-system communication means may be in the user server device 230b that is away from the user's body.

The user client device 220 is a portable information device, and is used by the user 210 while being carried by the user 210, with or without being taken out of the pocket, or exposed or unexposed like a watch type device. The mobile information device serving as the user client device 220 is an IC card or a mobile terminal.

In the present invention, the IC card includes a CPU built-in type, a wired logic type, a contact type, a non-contact type, a contact type and a non-contact type combination card, a multifunction card, a JAVA (registered trademark) card, GSM (Global System for
Mobile communications) SIM card (Su
bscriber Identity Module Card) and IMT-2000 (Internati
UIM (Use for onal Mobile Telecommunication 2000)
r Identity Module) card, and a radio frequency identification tag (RFID) used in the field of manufacturing and logistics. The CPU built-in type is called a smart card in Europe and America.

The IC card is used as a credit card, cash card, debit card, electronic wallet, prepaid card, telephone card, identification card, driver's license, boarding ticket, commuter pass, toll road ticket, entry / exit card, Health insurance card, resident card, welfare card, medical examination card, medical card, campus card, members card, membership card, ID card, loyalty card, shopping card,
Used as a data card, etc.

The IC card has a shape and S specified in ISO7816.
There is an IM card shape, and there are coin-shaped RFID tags.

The portable terminal is a portable telephone, a PHS, a PDA, a notebook personal computer, or any other information device that can be carried and used, and may have any shape such as a wrist watch type, a key chain type, a pencil type, a badge type and the like.

In the present invention, the service system is
It is a system for communicating with a user system and providing a service.

For example, ATMs and CDs (Cash Dispensers) of financial institutions
er), POS (Point Of Sales) terminal, handy terminal, time and attendance terminal, gate device, unmanned transaction machine, automatic ticket gate, vending machine, public telephone, mobile phone, personal computer,
In addition, it is a service device provided with a communication means for communicating with a reader / writer of an IC card or a mobile terminal, or a system including those service devices, a communication network, and a host computer.

In these conventional service systems, the IC
It is used by inserting or approaching a card, and by touching the keyboard or screen of the service system as needed.

The service system in the present invention includes a system for accessing using a communication network such as a telephone line, a mobile telephone line, and the Internet, and is not always close to the user.

In the present invention, the user system is a system for accessing the service system and receiving services. Enter the instructions for providing the service or necessary information for the service, or directly receive the service if the service is an information service.

When the user system is a single user device, for example, an IC card, it is required to input the personal identification number, the amount of money, etc. before the device is inserted into the service device and then drawn in and discharged. The input means will be used.

If the IC card is non-contact type, a display means and an input means may be provided on the surface of the IC card to operate the IC card side.

On the other hand, in the usage mode in which the IC card is only brought close to the ticket gate device such as the commuter pass, the display means and the input means may be neither in the IC card nor in the service device. Of course, the display means in this case is a means for displaying the contents of the IC card, displaying the guidance of input operation, and displaying the data being input, such as the expiration date and the user on the surface of the commuter pass. It does not mean that you write your name.

In the present invention, the user system is divided into at least a user client device and a user server device. It also includes a user proxy server device that mediates communication between the devices.

The user client device communicates with the user server device possessed by the user or the user server device at another place. The user client device may communicate with the user server device via the user proxy server device.

In the present invention, the user client device is a C / C which sends and receives data to and from the user server device.
It is a portable information device having an inter-S communication means. When the user proxy server device is used in the user system, the data transmission / reception destination is the user proxy server device.

The user client device usually has inter-system communication means for transmitting / receiving data to / from the service system. Further, if necessary, it has a display means for displaying data from the service device and its operation guidance, and an input means for inputting a personal identification number and data.

The user client device normally sends / receives data to / from the service device, sends / receives the data to / from the user server device, and the user server device performs data processing. If the user server device is a simple file server, it will be processed by the user client device.

In the present invention, the user server device is
It is a portable or stationary device having a C / S communication means with a user client device, and is usually a computer having a control means and a storage means and executing an application. However, it may be a simple file server.

The user server device has inter-system communication means with the service system, if necessary.

The user server device is a portable or stationary device, and although it is related to size and weight, it can be safely carried without the skin or even if it is installed in a safe place. Good.

Usually, the user server device holds important information and executes the program, and the user client device holds light information and executes the program.

The user client device may only pass data between the service system and the user server device.

It is conceivable that the holding of important information and the execution of programs in the user server device may be carried out by the computer itself, or the original user device may be housed or connected and entrusted.

In the present invention, the user server device is composed of a C / S communication means with the user client device and a computer that emulates an IC card and the like, and a C / S communication with the user client device. In some cases, it is configured by means and an input / output unit for storing and connecting the original IC card and a portable information device such as a portable terminal to input / output. Further, there is a configuration in which an inter-system communication means with a service system is added to these configurations. Further, these configurations may be combined and configured.

IC cards having different shapes may be stored or connected to the user server device using an IC card adapter.

At least one of the user client device and the user server device has an inter-system communication means for communicating with the service system, but the inter-system communication means is not necessarily built in any of the devices. For example, an adapter device may be used for both the user client device and the user server device, or a wireless connection device may be used for both the user client device and the user server device.

In the present invention, the user proxy server device is a device that has C / S communication means for communicating with the user client device and the user server device, and relays communication between the user client device and the user server device.

The user proxy server device may be connected in multiple stages or may be built in the user client device or the user server device. In addition, an inter-system communication means with the service system may be further provided to relay communication with the service system.

In the present invention, the intersystem communication means is
It is a communication means between the service system and the user system. The conventional IC card and the IC card reader / writer include means for exchanging data and means for communicating with a mobile terminal instead of the IC card, and the distance is not necessarily short.

Inter-system communication means include, for example, contact type and non-contact type IC card read / write means, Blue
tooth and IEEE 802.11b (Institute of Electrical and Ele
Short-distance wireless communication such as ctronic Engineers 802.11b) or mobile phones, PHS, Internet, etc. that are public networks can be used.

In the present invention, the C / S communication means is a communication means between the user client device and the user server device.

The C / S communication means is usually a mobile phone, PHS, Bl.
Wireless communication such as uetooth and IEEE802.11b is used. For example,
If you use Bluetooth, Bluetooth with built-in antenna
Consists of modules and protocol stack, Bluetooth
Data can be transmitted and received between the user client device and the user server device by using the serial port profile of. In addition, file transfer can be executed by using the file transfer / profile of Bluetooth. As a result, data download between the user server device and the user client device,
You can upload, backup, synchronize, request processing, and distribute processing. In addition, various LAN applications can be executed using the LAN access profile.

In the case where data is downloaded from the user server device to the user client device before use, or when the wireless C / S communication unit fails, a wired C / S communication unit is used. May be provided.

In the present invention, data means digital information that can be handled by a computer. Depending on the purpose of use, it is called data, program, code, ID, password, keyword, electronic money, electronic certificate, etc.

It is necessary to distinguish the data from the data signal on the communication path. This is because even if the data is the same, the data signal carrying the data will not be the same if the communication protocol is different. Further, the data may be subjected to processing such as encryption or compression other than that defined by the communication protocol.

[0077]

DETAILED DESCRIPTION FIG. 3 shows a user system 300 according to claim 1.
It is a block diagram of.

Service system 350 and user system 300
In a system in which the user communicates and provides a service, the user system 300 is configured by a user client device 320 and a user server device 330, and each of the user client device 320 and the user server device 330,
C / S communication means 322, 332 that can communicate with each other are provided, and at least either the user client device 320 or the user server device 330 is provided with the inter-system communication means 321 with the service system 350. The user system 300.

In FIG. 3, the inter-system communication means 321 is drawn on the user client device 320.

Although the user client device 320 is portable, the user server device 330 may be portable or stationary. In the case of holding the user client device 320 in the hand and communicating with the user server device 330 carried around, the user server device 330 also needs to be portable.

If the communication with the service system 350 is the conventional contact type, the user client device 320 is connected to the contact type I
It is necessary to provide the inter-system communication means 321 with the service system 350 by making it a C card type, but if it is a non-contact type, it is not particularly necessary to make it an IC card shape.

In an ATM or the like in which a conventional IC card is inserted and used, input / output of information necessary for use is performed by using the input / output means provided in the ATM or the like, but the user client device 320
If it is not necessary to insert the above into the service device, an input / output means such as a screen or a keyboard can be provided on the surface of the user client device 320.

Alternatively, if a mobile phone, PDA or the like is used as the user client device 320, it is possible to use the input / output means such as the screen or keyboard already provided for them. The user server device 330 may be provided with an input / output unit such as a screen or a keyboard.

A user process execution method according to a second aspect is characterized in that, in the user system according to the first aspect, when a service is used, the user client device and the user server device communicate with each other to execute the user process. It is a user process execution method for executing.

The service system and the user system execute processes while interactively exchanging data. The process on the user system side is executed while the user client device and the user server device interact with each other.

Various execution modes can be considered depending on how data and functions are shared between the user client device and the user server device. For example, when the user server device is a simple file server storing authentication data, the user client device only requests the user server device for the authentication data, and the necessary processing is executed by the program of the user client device. To do.

Further, for example, when the user client device has a function of simply mediating the data transmitted and received to and from the service system, the user server device is responsible for holding important data and necessary processing. of course,
Even if the data is simply transmitted, the data transmitted and received by both the user client device and the user server device may be encrypted and decrypted to prevent wiretapping.

Further, for example, there is a case where the user server device communicates with the service system and the user client device only performs screen display and key operation.

In any case, the user client device and the user server device cooperate to execute the process as the user system. For that purpose, the user client device and the user server device need to send and receive data.

The communication between the user client device and the user server device according to claim 2 is performed in real time when the user system communicates with the service system.

According to a third aspect of the user process execution method, in the user system according to the first aspect, necessary data is downloaded from the user server device to the user client device in advance, and when the service is used, the user client device uses the service system. And executing the user process using the data.

The mutual communication between the user client device and the user server device is performed in order to download necessary data from the user server device to the user client device in advance, and the user client device communicates with the service system to receive the service. In this case, the user client device does not ask the user server device for inquiries or requests for processing, and the user client device executes everything.

Therefore, the data downloaded in advance may include a program or authentication data that is not stored in the user client device, if necessary. Further, for example, it may be key data for releasing the function of the user client device so that it can be used for a certain period.

When the user client device and the user server device are within the communicable distance, they may mutually recognize each other and automatically exchange data.

Note that if the data held by the user client device fluctuates due to the provision of the service and it is desired to reflect the fluctuation in the user server device, the user server device must write the fluctuation data back. Need to upload.

FIG. 4 is a block diagram of a user client device 420 according to the fourth aspect.

In the user system 400 of claim 1,
The user client device 420 is a portable information device,
A user client device 420 characterized by having inter-system communication means 421 for communicating data with the service system 450 and C / S communication means 422 for communicating data with the user server device 430. Is.

When the portable information device is an IC card, the inter-system communication means 421 may be a contact-type or non-contact type communication means with which a conventional IC card reader / writer exchanges data, but a non-contact type. If Bluetooth or IEEE802.11b
May be used. In the case of the contact type, the contact shape is not always the same as that of a normal IC card.

When the shape of the portable information device is different from the standard of the IC card, the inter-system communication means 421 will often adopt the non-contact type rather than the contact-type original standard.

The inter-system communication means 421 exchanges authentication data and input / output data with the service system 450, requests data processing, uploads and downloads files, and the like.

The C / S communication means 422 matches the C / S communication means of the user server device 430 of the communication partner with the mobile phone, PH.
Usually, wireless communication such as S, Bluetooth, IEEE802.11b is used.

When the user client device 420 simply communicates the data communicated by the inter-system communication means 421 with the user server device 430, the data communicated by the inter-system communication means 421 and the C / S communication means 422 are communicated. The data has the same content.

The user client device according to claim 5 is the user client device according to claim 4, characterized in that when data is downloaded from the user server device to the user client device in advance, a use restriction is set for the data. It is a user client device.

In other words, when the data existing in the user server device is downloaded to the user client device, the use restriction is set for the data.

The data to be downloaded in advance includes programs and authentication data not stored in the user client device, if necessary.

The usage restrictions include usage restrictions and reduction of usage ranges.

When the usage limit or the number of times of use is set as a usage limit, the usage limit or the number of times of use is embedded in the downloaded data or is separately generated as management data. Then, when limiting the expiration date, it is judged by comparing with the date and time acquired from the user client device or time server, and when limiting the number of times of use, it is subtracted each time it is used and it is judged whether it becomes zero or not. Then, it is judged whether or not it has reached a certain value.

When the expiration date or the number of times of use has expired, the downloaded data or the derived data may be automatically deleted. Alternatively, the unusable mark may be added without erasing, and only the data for removing the unusable mark may be downloaded next time.

The use limit cannot be used after the condition is satisfied, while the use range can be reduced depending on the condition at the time of use.
For example, it can be used only when you are in a certain area,
There is a fixed time zone that can be used, or the number of functions that can be used increases or decreases.

The reason why the use is restricted is that, in the case where the required data is downloaded from the user server device in advance and the service system is used only by the user client device, the user client device uses the service system under proper conditions. This is for the purpose of reducing the risk after theft or loss of the user client device.

Further, the user client device has most of the necessary data, and the key data for using the data should be acquired from the user client device at a fixed period or when the service system is to be used. You may make it a different structure.

When the data fluctuations to be held by the user system are not reflected in the user server device in real time but temporarily held in the user client device, the fluctuation data is uploaded to the user server device for writing back. Will be done.

FIG. 5 shows a user server device according to claim 6.
It is a block diagram of 530.

In the user system 500 of claim 1,
C communicating data to and from user client device 520
A user server device 5 characterized by having an inter-S / S communication means 532 and a computer 536 for processing the data.
30.

The C / S communication means 532 normally uses wireless communication by means of a mobile phone, PHS, Bluetooth, IEEE802.11b, etc. in accordance with the C / S communication means of the user client device 520 of the communication partner.

Although the user server device 530 is originally equipped with a processor as a computer, there are cases where the processor processes the data and cases where it is carried out by another processor.

When using a different processor, in addition to using a general-purpose processor used in personal computers, etc.
It is possible to use the processor used in the card. I c
If you use the processor used for the card, you can use the OS developed for the IC card as it is.

The computer 536 executes a unique function according to the service system 550 or emulates the function of a conventional IC card. In the latter case, unless the specifications of the functions are disclosed, whether the manufacturer or publisher publishes the logic and data that realize the functions of the IC card,
It is necessary to provide the program and data that emulate the logic as a file.

According to the invention of claim 6, the user server device hidden away from the body or the user server device in a distant and safer place are provided with important processing means or storage means, and directly correspond to the service system. It is possible to reduce the damage such as loss or theft of the conventional IC card by not holding it in the portable information device to be used.

FIG. 6 shows a user server device according to claim 7.
FIG. 6 is a configuration diagram of 630.

In the user system 600 of claim 1,
C communicating data to and from the user client device 620
The user server device 630 is characterized by having an inter-S / S communication means 632 and an input / output means 633 for inputting / outputting data to / from the user device 601.

The C / S communication means 632 generally uses wireless communication by a mobile phone, PHS, Bluetooth, IEEE 802.11b, etc. in accordance with the C / S communication means of the user client device 620 of the communication partner.

The input / output unit 633 is the same as the conventional user device 601.
For IC cards, standardized conventional IC card readers / writers are used. If the user device 601 is a mobile terminal, input / output must be performed in a wired or wireless manner according to a corresponding protocol.

The user device 601 having a standardized shape such as an IC card stores and supplies power to the user server device 6.
It would be convenient to be able to do it at 30.

If the user device 601 is a SIM card, it can be handled as a conventional IC card by using an IC card size card holder.

If the shape of the user device 601 is not constant, RS-232C (Recommended Standard 232 version C) or U
SB (Universal Serial Bus), IEEE1394 (Institute of El
electrical and Electronic Engineers 1394) and the like, and wireless connection such as Bluetooth and IEEE802.11b.

The power supply required for the user device 601 is supplied from the user server device 630 via a connection cable such as USB or IEEE1394, although it depends on the capacity.

In the simplest form of claim 7, the data that the user client device 620 communicates with the service system 650 is the original user device such as an IC card or a portable terminal that the user server device 630 can input / output. It is processed by 601. In this case, the data that the user client device 620 communicates with the service system 650 and the data that the user server device 630 communicates with the user device 601 are the same.

As a slightly more complicated form, for example, a form in which only the electronic certificate is issued by the IC card and the record of use is stored in the storage means of the user server device 630 can be considered. Alternatively, a form in which electronic money as a payment means is handled by an IC card and an ID and a password are handled by the user server device 630 can be considered.

According to the invention of claim 7, the user device including the important processing means and storage means is placed in the user server device which is concealed without being separated from the body or the user server device in a distant and safer place. It is possible to reduce damage such as loss or theft of the user device.

FIG. 7 shows a user server device according to claim 8.
FIG. 7 is a configuration diagram of 730.

In the user system 700 of claim 1,
C for communicating data with the user client device 720
/ S communication means 732 and user devices 701a, 701b, 701c, 701
Input / output means 733 for inputting / outputting data to / from d, ..., 701n
And a plurality of user devices 701a, 701b, 701c, 701d, ..., 70
A user server device 7 comprising: selecting means 734 for selecting a user device for inputting / outputting data from 1n.
30.

The C / S communication means 732 normally uses wireless communication by a mobile phone, PHS, Bluetooth, IEEE802.11b, etc. in accordance with the C / S communication means of the user client device 720 of the communication partner.

The input / output means 733 is used by the user devices 701a and 701.
If b, 701c, 701d, ..., 701n are conventional IC cards,
A standardized conventional IC card reader / writer is used.
If the user devices 701a, 701b, 701c, 701d, ..., 701n are mobile terminals, it is necessary to input / output by wired or wireless protocol according to each protocol.

User devices 701a, 701b, 701c, 701d, ...
If the 701n has a standardized shape such as an IC card, it is convenient to allow the user server device 730 to store and supply power.

User devices 701a, 701b, 701c, 701d, ...
If the 701n is a SIM card, it can be handled as a conventional IC card by using an IC card-sized card holder.

User devices 701a, 701b, 701c, 701d, ...
If the shape of 701n is not constant, RS-232C, USB, IEEE13
It will be connected by wire such as 94 or wirelessly by Bluetooth or IEEE 802.11b.

User devices 701a, 701b, 701c, 701d, ...
The power required for the 701n depends on the capacity, but USB and IEEE1
As in 394, it is supplied from the user server device 730 with a connection cable or separately supplied.

Multiple user devices 701a, 701b, 701c, 701
The selection means 734 for selecting a user device for inputting / outputting data from d, ..., 701n includes user devices 701a, 701b, 701c, 701.
The terminals between d, ..., 701n and the input / output unit 733 are electrically connected and the communication path is opened.

For example, a plurality of IC card interface chips are arranged on the data bus of the user server device 730, and contact ICs are provided through respective IC card contacts.
When in contact with the card, a specific IC is generated by the control signal.
By selecting the card interface chip,
The data sent on the data bus reaches the IC card, and the response from the IC card goes on the data bus.

When using Bluetooth, for example, a specific user device is selected by the Bluetooth device address.

A plurality of user devices 701a, 701b, 701c, 701
The user device to be selected from d, ..., 701n may be selected by the user's operation or may be automatically selected by interaction with the service system.

The selection by the user depends on whether the user client device 720 has the display means and the input means or not.

If the user client device 720 has a display means and an input means and does not have to be kept at hand when using it, the user client device 720 can select the display means and the input means.

When the user client device 720 does not have the display means and the input means, the selection menu is displayed on the display means possessed by the service device which recognizes the user client device 720, and the input possessed by the service device is displayed. It will be selected by means.

In general, the display means of the service device, which is often fixed at the installation location, has a larger screen and more options can be displayed than the display means of the user client device 720 which attaches importance to portability. It is thought that it can be done.

On the other hand, in terms of operability, the input means of the shared service device is general-purpose, whereas the input means of the user client device 720 carried by an individual is
It is possible to register frequently used operating procedures and specific character strings as a shortcut key, a shortcut key, or a hot key, which allows easier operation and familiarization in advance.

Therefore, it is conceivable that many choices are displayed on the display means of the service device and the selection operation is performed by the input means of the user client device 720.

When the selection target is an IC card, standardization of the IC card is in progress, so that the selection can be automated to some extent.

When automatically selecting the IC card, each time the user client device 720 is used, a message from the service system 750 is sent to each IC card stored in the user server device 730 at the same time or sequentially. A method of transmitting, judging and selecting a response thereto, and a user server device 730 sending a message to the newly housed IC card, and based on the response to the IC card housed in the user server device 730 By learning and retaining the function list of in advance, the service system 75
A possible method is to select an IC card corresponding to the message from 0.

The above-mentioned response is, for example, a management information character (historical char) which is an option of initial response information (reset response: Answer To Reset) defined by ISO7816.
It is an AID (Application Identifier) for identifying an IC card application.

Of course, even if the options are narrowed down by these, for example, the service systems 750 and I to be used are
If there are multiple applications that are common with the C card and the application to be used cannot be automatically determined, the user's selection operation is still required.

In the simplest form of claim 8, the data that the user client device 720 communicates with the service system 750 is the original user device such as an IC card or a portable terminal that the user server device 730 can input / output. 701a,
701b, 701c, 701d, ..., 701n. in this case,
User client device 720 communicates with service system 750 and user server device 730 communicates with user device 701.
The data communicated with a, 701b, 701c, 701d, ..., 701n are the same.

As a slightly more complicated form, for example, a form in which only the electronic certificate is issued by the IC card and the record of use is stored in the storage means of the user server device 730 can be considered. Alternatively, an electronic card as a settlement means may be handled by an IC card, and an ID and a password may be handled by the user server device 730.

According to the invention of claim 8, a plurality of user devices including important processing means and storage means are placed in a user server device which is concealed without being separated from the body or a user server device in a distant more secure place. It is possible to reduce damage such as loss or theft of the conventional user device.

The user server device according to claim 9 is the same as claim 6
9. The user server device according to claim 8, wherein inter-system communication means for communicating data with a service system,
It is a user server device characterized by having.

Inter-system communication means is, for example, Bluetoot
It is a short-distance wireless communication such as h or IEEE802.11b, or a public network such as a mobile phone, PHS or the Internet.

When the user server device has inter-system communication means, the user server device normally issues an instruction to the user server device to receive the service, and the user server device communicates with the service system. Is possible.

The data communicated with the service system is usually processed by the user server device. However, the user server device sends the data to the user client device for processing or processing by the user client device as necessary. Display and user input operations are performed.

The user server device may automatically start a service request to the service system at a fixed date and time. Further, the user server device may have a display means and an input means.

A user server device according to claim 10 is the user server device according to claims 6 to 9, which is a file server.

The execution of the application is performed by the user client device.

This user server device can also be used for backup. It may be used as a database server by operating a database management system.

FIG. 8 is a block diagram of a user proxy server device 840 according to claim 11.

In the user system 800 of claim 1,
C for communicating data with user client device 820
/ S communication means 842a and the user server device 83 the data.
C / S communication means 842b for communicating with 0, and a user proxy server device 840.

The C / S communication means 842a and 842b are used for communication between the user client device 820 and the user server device 830, which are communication partners.
Depending on the communication method between C / S, mobile phone, PHS, Bluetoot
h, wireless communication such as IEEE802.11b is usually used.

The user proxy server device 840 not only simply relays data, but also selects a fast, safe and inexpensive relay line, performs data encryption, and uses the user's PAN (Parsonal Area Network). LAN at home (Loca
l Area Network), an internal LAN such as an office LAN, and a public network such as the Internet may be allowed only a specific connection or may be blocked from unauthorized access from the outside. Further, data that does not change may be cached for a certain period in order to reduce the line load.

The inter-system communication means may be provided in the user proxy server device 840 and the inter-system communication means included in the user client device 820 or the user server device 830 or the inter-system communication means independent of them may be substituted.

The user proxy server device 840 may be used by connecting in multiple stages.

FIG. 9 is a block diagram of an IC card adapter 960 according to the twelfth aspect.

Input / output means 963b for inputting / outputting data to / from the connected IC card 980 and another device 970 for transmitting the data.
And an input / output unit 963a for inputting / outputting data to / from the IC card adapter 960.

By using this IC card adapter 960, the input / output means of the IC card 980 can be converted.

For example, contact-type input / output means may be changed to non-contact type input / output means, non-contact type input / output means may be changed to contact-type input / output means, or communication of non-contact type input / output means may be performed. Change the distance. Also, the memory card may be changed to a card with a CPU.

After the conversion, if the non-contact type input / output means,
Since the shape is not particularly limited, it is preferable that the shape is an IC card, a card holder, a mobile phone, a PDA, etc. and that it is easy to carry.

If the IC card 980 is a contact type, it has to be brought into contact with the IC card adapter 960 having a contact type input / output means 963b, but if it is a non-contact type, an IC card adapter having a non-contact type input / output means 963b. You don't have to touch the 960.

However, in the case of a non-contact type IC card of a close contact type, a thickness problem arises when they are stacked for close contact,
Some contact type IC card readers / writers may not be inserted.

IC card 980 for IC card reader / writer
If you do not need to insert the whole, for example IC card 980
There is a possibility that it can be dealt with by overlapping half the IC card adapter 960 and the IC card adapter 960, or by closely adhering the IC card 980 to the edge of the IC card 980.

If the contact shape and the contact function are the same as in a contact type SIM card with a small size and there is no need to change the input / output means, a SI base is used as a standard IC card size base.
I only need to be able to insert the M card, so I
C card adapter 960 is not required. However, if the SIM card can be stored inside the IC card adapter 960, SI
It is possible to avoid the problem that the M card may come off from the pedestal.

Even when the IC card 980 is stored in the user server device, if the IC card 980 does not match the input / output means provided in the user server device, this IC card adapter can be used.

IC card 980 to be stored in the user server device
If possible, if the contact server is unified, the configuration of the user server device becomes simpler. Therefore, for example, it is conceivable that the contact type is desired and the issuer receives the grant. However, if the contact type IC card 980 is directly used by the contactless type service device for some reason, it will be a problem. In this case, it is convenient to have an IC card adapter 960 capable of converting contact type input / output to non-contact type input / output.

Of course, this IC card adapter 960 can be widely used not only for the purpose of simplifying the configuration of the user server device.

FIG. 10 shows a service device according to claim 13.
It is a block diagram of 1053.

Service system 1050 and user system 10
00 is a service apparatus 1053 characterized by including an access point 1054 of a communication network in a system for communicating and providing a service. In FIG. 10, only the service device 1053 is depicted as the configuration of the service system 1050.

In the thirteenth aspect of the present invention, the communication network 1052 includes the Internet, a public line, a dedicated line, a communication satellite line and the like. In reality, it seems that the administrator of the service system 1050 often provides an internet access point as an internet access provider or goes through an internal line such as the company's intranet. The host computer of the service system is not always connected to the communication network.

By providing the service device 1053 with the access point 1054 to the communication network, convenience for the user can be achieved. The term “provided here” means that all or part of the devices (including the line and the power supply) that form the access point are integrated with or connected to the service device.

Regarding use, there is a problem of limiting users or charging. For example, service device 1053
While using, may be used as a communication path between the user client device and the user server device,
Connect to a mobile device that has a customer code with Bluetooth to use the Internet or VoIP (Voice over Internet)
For example, allowing voice call by Protocol).

[0187] Also, the communication network 1052 of this access point
Can also be shared for management of service system 1050. For example, user authentication, device status check, management of cash and goods stored, use status report, update of information displayed on display, update of information wirelessly transmitted to the vicinity of the device, and the like.

According to the present invention, it is possible to provide convenience to the user and at the same time to effectively use the resource of the communication network.

FIG. 11 is a block diagram of a user system 1100 according to claim 14.

A user system 1100 according to claim 1, wherein
A user system 1100 is characterized in that the user client device 1120 is a mobile phone, and the user server device 1130 is provided with a settlement means 1135.

The settlement means section 1135 is a mechanism that has a built-in settlement means in advance or a mechanism to which the settlement means can be added later. The former is, for example, a mechanism that incorporates electronic money as a payment means, and the latter is, for example, a mechanism that allows a prepaid card to be attached.

The settlement here means not only settlement of the usage fee but also execution of some action that is particularly required as a problem to be cleared in order to use the service. Includes sending a digital certificate.

If the user server device 1130 is provided with a settlement means section, own telephone directory, communication record, etc., and such data is not left in the user client device 1120, that mobile phone, Even if it is stolen or lost, there is no risk of data misuse.

In the present invention, the technique adopted for the C / S communication means or communication procedure between the user client device and the user server device or the user proxy server device is arbitrary.

Normally, the user client device is dedicated to transmitting and receiving data quickly and safely between the service system and the user server device, and the data processing is left to the user server device.

However, for example, in a usage mode in which the user client device serves as an ID card and responds to the inquiry from the service system with a determined ID and password, the user client device can be used simply and without any change. Can be used as an alternative to the ID card.
In that case, the necessary ID and password are held in the user client device by writing, copying from the original ID card, or caching the communication contents.

The mutual C / S communication means of the user client device, the user server device, and the user proxy server device is a proximity type or remote type non-contact type when they are in a short distance.
I / O methods used in IC cards, Bluetooth and IEEE8
Communication means such as 02.11b can be used.

When the user is moving a long distance and is moving, it is connected by a communication means of mobile communication such as a mobile phone line directly or via an access point of the communication means, and when not moving, it is a fixed line. You may connect.

It is preferable to encrypt the data to be transmitted and received in order to prevent wiretapping.

The non-contact type IC card has no connection terminal on the surface, so it is resistant to unauthorized intrusion and printing on the entire surface of the card is possible.
It is resistant to humidity and abrasion, can be used even in environments with vibration and dust, and does not require a card drive or card positioning mechanism for the reader / writer, and can make a cheap and robust service system. It is expected that it will spread in the future due to advantages such as savings.

When the IC card is a non-contact type, it is possible for one service device to simultaneously process use from a plurality of non-contact type IC cards.

However, when cash or merchandise is taken out from the service system, in order to clarify who belongs to the place, one person is required to make 1
It is necessary to make it a form that occupies the platform.

Therefore, in such a case, it is preferable that the communication between the user client device and the service system is of the contact type or the proximity type so that it can be seen who is using the service device.

It is simpler to construct the user server device by unifying the input / output of data between the user server device according to claim 7 and claim 8 and the IC card housed in the user server device, if possible. become.

Therefore, even if the original IC card is a system for contactless data communication with the service device,
It is possible that a contact-type IC card will be issued to be stored in the user server device.

The user server device according to claims 7 and 8 may use the IC card provided by the issuer as it is, so that a program for emulating logic for realizing the function of the IC card may be developed. It's easier to maintain. There is no need to install the program on the server.

The user server device according to claims 6 to 10 may be incorporated in a mobile terminal or a home server.

The mobile terminal may be a mobile phone, a PDA, or any other information device that can be carried and used, or a wristwatch type, a key chain type, a pencil type, a batch type, or the like.

[0209] The home server is a core device of the home network, and has a function of controlling various household devices, a function of connecting to the Internet or a cable TV, a mail server function, a Web server function, an answering machine and various contents. It is considered that a data storage function for saving will be provided. The user server device may be incorporated in such a home server. However, the installation location is not limited to the home. For example, a device having a similar function may be provided under the name or concept of an office server.

The user server device according to claims 6 to 10 or the home server or office server incorporating the user server device may be further incorporated into a safe. The safe includes a data vault and a vault built in the form of a safe. In addition, safe deposit boxes of financial institutions and IDC (Internet Data
Center) Including facilities. The user server device incorporated in the safe is more safe in terms of earthquake resistance, fire resistance, crime prevention, temperature and humidity, backup power supply, line capacity, line bypass, and the like.

At present, in a service terminal such as ATM, a magnetic card or an IC card is inserted, then the screen displayed on the service terminal is viewed, and necessary items are input by the input means provided in the service terminal. Receiving service.

When the user client device is provided with a display unit and an input unit, it is possible to provide a system in which necessary items can be input in advance and the items that have been input all at once can be transmitted to the service terminal after approaching the service terminal. It will be possible. For that purpose, data for selecting a service and displaying an input screen for necessary items is necessary in advance.

If the data is not standardized, the data for each type of service device or each financial institution where the service device is installed is stored in the user client device in advance, or when the user uses it for the first time, The client device is made to learn, and the learned data is used from the next time onward. Since the data contents of the service content and screen configuration of the service device may change due to the expansion of the service, it is also necessary to learn the changed part each time it is used.

Note that the user client device can be learned from other than the service device. For example, if data is provided on the Internet, it is possible to learn in advance or input necessary data. Also, when entering the building where the service device is placed, Bluetooth
If data is provided wirelessly such as with a relatively short distance, data can be received and necessary data can be input while waiting in a queue for using the service device.

[0215] It seems difficult to eliminate the necessity of possessing a plurality of IC cards in the future. If you can put all the applications in one IC card, you are freed from having to have multiple cards. However, the loss or theft of the IC card that contains the applications is a big risk.

Perhaps not all the applications can be put in one IC card. Even if a lot of applications are put together, it seems that the number of citizenship cards issued by the government, employee cards issued by companies that have been employed, financial cards, and other personal data cards will remain.

If all the applications are put together on one IC card, for example, if some kind of administrative procedure or opening an account with a financial institution is performed, it is necessary to immediately write the application on the existing IC card as an application. I won't. Otherwise, you will have to deposit the IC card with only one card, and you will not be able to use the applications stored in the deposited IC card during that time.
Putting multiple applications on one card complicates the handling when issuing, abolishing, or rewriting.

At present, the number of magnetic cards, such as credit cards and cash cards, that need to be carried is increasing, but in the future, the issuance of IC cards will increase, and proper management thereof will become an issue.

In the present invention, as a solution, a plurality of ICs is used.
Although the safe and effective management method of the card was presented, it is not only that, but it proposes the safe and effective use of the entire mobile terminal including the IC card.

[0220]

According to the present invention, the user system can apparently realize the functions of a plurality of IC cards. And,
The user client device does not need to include any important control means or storage means, and the damage is small even if it is dropped or stolen. The important control means and storage means can be hidden as a user server device without being separated from the body or placed in a distant and safer place. These allow safe and effective use of IC cards and similar mobile terminals.

[Brief description of drawings]

FIG. 1 is a block diagram of a conventional system of the present invention.

FIG. 2 is an image diagram of the use of the present invention.

FIG. 3 is a configuration diagram showing an embodiment of claim 1;

FIG. 4 is a configuration diagram showing an embodiment of claim 4;

FIG. 5 is a configuration diagram showing an embodiment of claim 6;

FIG. 6 is a configuration diagram showing an embodiment of claim 7;

FIG. 7 is a configuration diagram showing an embodiment of claim 8;

FIG. 8 is a configuration diagram showing an embodiment of claim 11;

FIG. 9 is a configuration diagram showing an embodiment of claim 12;

FIG. 10 is a configuration diagram showing an embodiment of claim 13;

FIG. 11 is a configuration diagram showing an embodiment of claim 14;

[Explanation of symbols]

100, 200, 300, 400, 500, 600, 700, 800, 1000, 1100
User system 101, 201a, 201b, 601, 701a, 701b, ..., 701n User device 150, 250, 350, 450, 550, 650, 750, 850, 1050, 1150
Service system 151 Host computer 152, 1052 Communication network 153, 1053 Service device 210 User 211 Safe place 220, 320, 420, 520, 620, 720, 820, 1120 User client device 230a, 230b, 330, 430, 530, 630, 730, 830, 1130 User server device 240, 840 User proxy server device 321, 421 Inter-system communication means 322, 332, 422, 532, 632, 732, 842a, 842b C / S communication means 536 Computer 633, 733 , 963a, 963b Input / output means 734 Selection means 960 IC card adapter 970 Other device 980 IC card 1054 Access point 1135 Payment means section

─────────────────────────────────────────────────── ───

[Procedure amendment]

[Submission date] January 8, 2003 (2003.1.8)

[Procedure Amendment 1]

[Document name to be amended] Statement

[Name of item to be corrected] Claim 9

[Correction method] Change

[Correction content]

[Procedure Amendment 2]

[Document name to be amended] Statement

[Name of item to be corrected] Claim 10

[Correction method] Change

[Correction content]

[Procedure 3]

[Document name to be amended] Statement

[Correction target item name] 0019

[Correction method] Change

[Correction content]

The invention of claim 9 is from claim 6 to claim 8.
The user server device according to any one of claims 1 to 4, which further comprises an inter-system communication means for communicating data with a service system.

[Procedure amendment 4]

[Document name to be amended] Statement

[Correction target item name] 0020

[Correction method] Change

[Correction content]

An invention according to claim 10 is the user server device according to any one of claims 6 to 9, which is a file server.
Is.

[Procedure Amendment 5]

[Document name to be amended] Statement

[Name of item to be corrected] 0156

[Correction method] Change

[Correction content]

The user server device according to claim 9 is the same as claim 6
9. The user server device according to claim 8, further comprising: inter-system communication means for communicating data with a service system.

[Procedure correction 6]

[Document name to be amended] Statement

[Correction target item name] 0161

[Correction method] Change

[Correction content]

A user server device according to claim 10 is the user server device according to any one of claims 6 to 9, and is a file server.

[Procedure Amendment 7]

[Document name to be amended] Statement

[Correction target item name] 0204

[Correction method] Change

[Correction content]

A user server device according to claim 7 or 8, and the user server device is housed.
If possible, if the input / output of data to / from the IC card is unified to the contact type, the configuration of the user server device becomes simpler.

[Procedure Amendment 8]

[Document name to be amended] Statement

[Correction target item name] 0206

[Correction method] Change

[Correction content]

Since the user server device according to claim 7 or 8 may use the IC card provided by the issuer as it is, it emulates the logic for realizing the function of the IC card. Easier than developing and maintaining a program. There is no need to install the program on the server.

[Procedure Amendment 9]

[Document name to be amended] Statement

[Correction target item name] 0207

[Correction method] Change

[Correction content]

The user server device according to any one of claims 6 to 10 may be incorporated in a mobile terminal or a home server.

[Procedure Amendment 10]

[Document name to be amended] Statement

[Correction target item name] 0210

[Correction method] Change

[Correction content]

The user server device according to any one of claims 6 to 10 or the home server or office server in which the user server device is incorporated may be further incorporated in a safe. The safe includes a data vault and a vault built in the form of a safe. In addition, safe deposit boxes and IDs of financial institutions
Includes C (Internet Data Center) facilities. The user server device built in the safe is earthquake resistant, fire resistant, crime proof, temperature and humidity,
Higher safety in terms of backup power supply, line capacity, line detour, etc.

   ─────────────────────────────────────────────────── ─── Continued front page    F-term (reference) 2C005 MA05 MB01 MB02 MB03 MB07                       MB08 MB10 NA02 NA06 SA05                       SA06 SA12 SA21 SA25 TA21                       TA22                 5B017 AA07 BA10 BB10 CA14                 5B058 CA01 KA24 KA31                 5B085 AE12 BA06 BG02

Claims (14)

[Claims] 1. A system in which a service system and a user system communicate with each other to provide a service, wherein the user system comprises a user client device and a user server device, and each of the user client device and the user server device. C / S that can communicate with each other
A user system comprising a communication means, and at least one of the user client device or the user server device having an inter-system communication means with a service system. 2. The user system execution method according to claim 1, wherein the user client device and the user server device communicate with each other to execute a user process when a service is used. 3. The user system according to claim 1, wherein necessary data is downloaded from the user server device to the user client device in advance, and when the service is used, the user client device communicates with the service system to store the data. A user process execution method, wherein a user process is executed by using the user process. 4. The user system according to claim 1, wherein the user client device is a portable information device, and data is communicated between an intersystem communication means for communicating data with a service system and a user server device. C / S
An inter-communication means, and a user client device. 5. The user client device according to claim 4, wherein when data is downloaded from the user server device to the user client device in advance, a use restriction is set on the data. 6. The user system according to claim 1, further comprising a C / S communication means for communicating data with a user client device, and a computer for processing the data. . 7. The user system according to claim 1, further comprising an inter-C / S communication means for communicating data with a user client device, and an input / output means for inputting / outputting data with the user device. A user server device characterized by the above. 8. The user system according to claim 1, wherein the C / S communication means for communicating data with the user client device, the input / output means for inputting / outputting data with the user device, A user server device, comprising: selecting means for selecting a user device for inputting / outputting data from / to the user device. 9. The user server device according to claim 6, further comprising an inter-system communication means for communicating data with a service system. 10. The user server device according to claim 6, wherein the user server device is a file server. 11. The user system according to claim 1,
C / S to communicate data with user client device
A user proxy server device comprising: inter-communication means; and C / S communication means for communicating the data to the user server device. 12. An IC comprising: input / output means for inputting / outputting data to / from a connected IC card; and input / output means for inputting / outputting the data to / from another device.
Card adapter. 13. A service apparatus comprising a communication network access point in a system in which a service system and a user system communicate with each other to provide a service. 14. The user system according to claim 1, wherein:
A user system, wherein the user client device is a mobile phone, and the user server device is provided with a settlement means.